Sophos vulnerabilities found, patched

Fixes issued for archive handling problems.

Researchers working with Tipping Point's Zero Day Initiative (ZDI) program have released details of two vulnerabilities in the Sophos scanning engine. The flaws, in the handling of CPIO and SIT archive formats, could be exploited by maliciously crafted files to cause a buffer overflow and potentially breach system security.

VB100

The vulnerabilities are being announced after patches for the flaws have been released by Sophos. Users are advised to ensure their products are running the latest updates from Sophos (engine version 2.40).

Further information on the issues can be found at Sophos, here and here, and at the ZDI site, here and here. A joint alert from Secunia is here.

Secunia is also carrying an alert (here) on a vulnerability in ClamAV found during recent testing of gateway mail filters, reported in VB here.

13 December 2006

Tags: virus   del.icio.us  digg this! digg this


Poll

Will the current banking crisis lead to an increase in phishing attacks?
Yes
No
I don't know

Leave a comment

Jobs Recruit Sidebar

VB100 certification

VB100 With a new set of samples to measure detection against, a new platform on new hardware and a selection of new products in the mix, John Hawes had his work cut out in this comparative review on Windows XP SP3.
See full results.

Virus Bulletin currently has 137,839 registered users.